Multiple unspecified vulnerabilities in the Web management interface in Avaya SIP Enablement Services (SES) 3.x and 4.0, as used with Avaya Communication Manager 3.1.x, allow remote malicious users to obtain (1) application server configuration, (2) database server configuration including encrypted passwords, (3) a system utility that decrypts "subscriber table passwords," (4) a system utility that decrypts database passwords, and (5) a system utility that encrypts "subscriber table passwords."
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
avaya sip_enablement_services 3.0 |
||
avaya sip_enablement_services 3.1.1 |
||
avaya sip_enablement_services 3.1 |
||
avaya sip_enablement_services 4.0 |
||
avaya communication_manager 3.1.4 |
||
avaya communication_manager 3.1.5 |
||
avaya communication_manager 3.1 |
||
avaya communication_manager 3.1.2 |
||
avaya communication_manager 3.1.3 |
||
avaya communication_manager 3.1.1 |